<?php
session_save_path("/home/users/web/b2423/ipg.projectffcom/cgi-bin/tmp"); 
session_start();
 
$con = mysql_connect("projectffcom.ipagemysql.com", "admin_user", "poghjk123"); 
mysql_select_db(main, $con);

if(!isset($_SESSION['username']))
{
	$creator_username=$_SESSION['username'];
	$league_name=$_GET['league_name'];
	$_SESSION['num_teams']=$_GET['num_teams'];
	$num_teams=$_GET['num_teams'];	
}



//protect against SQL injection
$creator_username = stripslashes($creator_username);
$league_name = stripslashes($league_name);
$num_teams = stripslashes($num_teams);

$creator_username = mysql_real_escape_string($creator_username);
$league_name = mysql_real_escape_string($league_name);
$num_teams = mysql_real_escape_string($num_teams);

$query = mysql_query("INSERT INTO LEAGUE_INFO (CREATOR_USERNAME, LEAGUE_NAME, NUM_TEAMS) VALUES ('$creator_username','$league_name','$num_teams')");

mysql_close($con);

header('Location: http://www.project-ff.com/trunk/main/create-tab1.html');

?>
